ISC BIND 9.19.0
Approved changes feed: RSS · Atom
cpe:2.3:a:isc:bind:9.19.0:*:*:*:-:*:*:*
part: a version: 9.19.0 update: *
| Vendor | Isc (4a2f2b37-98b6-5702-822d-72afcd17d050) |
|---|---|
| Product | Bind (ea404969-e27c-5a4f-ab6f-da9eff8fdf08) |
| Edition | * |
| Language | * |
| Software edition | - |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/isc-projects/bind9 |
purl2cpe | 2026-06-01 10:15:10.890768 |
pkg:gitlab/isc-projects/bind9 |
purl2cpe | 2026-06-01 10:15:10.890770 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-1975 |
vulnerable | 2026-06-03 14:54:35.114245 |
SIG(0) can be used to exhaust CPU resources
HIGH (7.5)
If a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a "KEY" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG(0) signed requests.
This issue affects BIND 9 versions 9.0.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.49-S1, and 9.18.11-S1 through 9.18.27-S1.
Published: 2024-07-23T14:38:57.143Z
Updated: 2025-02-13T17:32:28.908Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-1737 |
vulnerable | 2026-06-03 14:54:34.452732 |
BIND's database will be slow if a very large number of RRs exist at the same name
HIGH (7.5)
Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname (of any RTYPE) can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name.
This issue affects BIND 9 versions 9.11.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.4-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1.
Published: 2024-07-23T14:34:09.750Z
Updated: 2025-02-13T17:32:25.755Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-3080 |
vulnerable | 2026-06-03 14:47:51.975256 |
BIND 9 resolvers configured to answer from stale cache with zero stale-answer-client-timeout may terminate unexpectedly
HIGH (7.5)
By sending specific queries to the resolver, an attacker can cause named to crash.
Published: 2022-09-21T10:15:29.861Z
Updated: 2024-09-17T01:56:40.440Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-2795 |
vulnerable | 2026-06-03 14:47:07.341567 |
Processing large delegations may severely degrade resolver performance
MEDIUM (5.3)
By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service.
Published: 2022-09-21T10:15:25.796Z
Updated: 2024-11-29T12:04:33.614Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-1183 |
vulnerable | 2026-06-03 14:45:58.205643 |
Destroying a TLS session early causes assertion failure
HIGH (7.5)
On vulnerable configurations, the named daemon may, in some circumstances, terminate with an assertion failure. Vulnerable configurations are those that include a reference to http within the listen-on statements in their named.conf. TLS is used by both DNS over TLS (DoT) and DNS over HTTPS (DoH), but configurations using DoT alone are unaffected. Affects BIND 9.18.0 -> 9.18.2 and version 9.19.0 of the BIND 9.19 development branch.
Published: 2022-05-19T09:55:09.565Z
Updated: 2024-09-17T04:00:26.575Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.